Tags Posts tagged with "ISO 9001"

ISO 9001

0 851

Are your Business Management Systems still operating in Silos?

If so then you may want to think about adopting a more integrated approach…

Steve Tyler, CEO & Founder of BusinessDocsOnline


Working in Silos?

There comes a point in the development of many organisations when they need to obtain some form of certification, and for the majority they will probably implement a management system for either Quality or Health & Safety.

There then follows a period of time where their requirements for certification will be covered with a single management system.

However, once an organisation grows to a point where it requires more than one management system, then that is the time for top management to step back and consider adopting a more integrated approach.

Yet too many organisations miss this opportunity and implement their management systems as stand-alone platforms.  They then end up with individual management systems being used in silos.

For some organisations, working in silos may be the most suitable way to function, and there may be operational reasons why this approach works best for them.

But working in silos also has a downside…

Silo Mentality (as defined by the Business Dictionary):

“a mind-set present when certain departments or sectors do not wish to share information with others in the same company.  This type of mentality will reduce efficiency in the overall operation, reduce moral, and may contribute to the demise of a productive company culture.”
Whilst an integrated management system may not work for every organisation, for many the long-term benefits will far outweigh the short-term effort required to move forward.

So why not integrate your management systems and eliminate all the inefficiencies and duplication of activities that are part and parcel of having individual systems and working in silos?

But how easy is this to achieve?

The PDCA Cycle: – Plan – Do – Check – Act

With the latest release of ISO 9001:2015, this revised standard aims to further develop the “Risk Based Thinking” approach within an organisations.  It also brings two other aspects into the management system arena that are going to re-define the future of management systems.  One of these is Annex SL and the other is the PDCA cycle.

Lets come back to Annex SL later, and deal with the PDCA cycle first.  Within ISO 9001:2015 this functions as follows:

Plan

Top Management must assess the risks & opportunities that may impact on the organisation and carry out the planning required to ensure these risks do not affect the organisations ability to deliver its “desired outputs”.  Exploiting any opportunities that have been identified must also be planned.

Do

Process activities must be carried out in such a way as to ensure they are aligned with the outputs of the planning processes.

Check

Top Management must review & measure the organisations performance against their objectives.

Act

Top Management must also plan & implement any actions that will deliver continual improvement.

Whilst the “desired outputs” of each organisation are quite unique, one way or another they all lead back to Customer Satisfaction.  Once Customer Satisfaction can be monitored, it can be measured.  And as the saying goes – “What gets measured gets done….”

So we can see how the PDCA cycle works for a Quality Management System, but this is really just the tip of the iceberg.

This PDCA cycle can now be applied to just about every other ISO standard, including Health & Safety [45001]*, Environmental [14001:2015] and Information Security Management [27001], and every system you implement can follow the same structure.

The net result here is that it is now possible to implement an integrated management system that combines Quality, Environmental, Health & Safety and Information Security.

But can they be that much more effective if they are integrated?

The Benefits of Integrated Management Systems

Once an organisation has decided to integrate their management systems then it’s at this point they can start to see the real benefits.

Organisations that have already implemented a single management system based around the PDCA cycle will find it up to 50% quicker when they come to implement their next management system.

The PDCA Cycle means it is possible to integrate your management systems into one platform, and organisations can now implement a single solution that controls all of the following:

  • Risks & Opportunities for Product & Services
  • Customer Requirements & Satisfaction
  • Environmental Impacts
  • Health & Safety Hazards
  • Information Security Integrity

With this integrated approach, much of what is needed from the management team can now be done under one umbrella, and top management can now take a broader view of their organisation whilst undertaking the following activities:-

  • Planning
  • Assessments of Risk & Opportunities
  • Internal Audits
  • Management Reviews
  • Continual Improvement

The end result is that:

  • The organisation can now be managed using joined-up thinking.
  • Auditing models can be revised to provide a much broader remit, but with fewer audits.
  • KPI’s & SMART objectives can now become more aligned.

But just how well are all the different standards able to interact, and how easy is it to implement a single integrated platform across 2, 3 or 4 different management systems?

That’s where Annex SL comes in…

What is Annex SL?

Annex SL is an ISO document that defines a high level structure [HSL] for the framework of a generic management system.

It was first published by ISO’s Technical Management Board (TMB) in 2012 and the recent release of ISO 9001:2015 has been revised to align with Annex SL.

Annex SL has arrived with a vengeance with the latest version of ISO 9001:2015, and is now here to stay.

In the future, all new ISO management system standards will adhere to the Annex SL framework and all current management system standards will migrate to it at their next revision.

As a result of the introduction of Annex SL, all ISO management system standards will become more consistent, and hence more compatible.  They will share the same look and feel, having been built on a common foundation.  The structure of all management systems will now include the following sections:

  • Context of the Organisation
  • Leadership
  • Planning
  • Support
  • Operation
  • Performance Evaluation
  • Improvement

There are common core definitions too; the following words will have the same interpretations across all Annex SL standards:

  • organisation
  • interested party (preferred term)
  • stakeholder (admitted term)
  • requirement
  • management system
  • top management
  • effectiveness
  • policy
  • objective
  • risk
  • competence
  • documented information

  • process
  • performance
  • outsource (verb)
  • monitoring
  • measurement
  • audit
  • conformity
  • nonconformity
  • correction
  • corrective action
  • continual improvement

Annex SL represents the beginning of the end of the conflicts, duplication, confusion and misunderstanding arising from subtly different requirements across the various management system standards.

Auditors now face the challenge of focusing their own, and their clients’, thinking on viewing organisations’ management systems holistically.


About BusinessDocsOnline

0 766
What Does Schedule 16 of Bill 70 Really Mean for Companies in Ontario?

On the 8th of December in 2016 Schedule 16 of Bill 70, the Building Ontario Up for Everyone Act (Budget Measures), 2016, gained royal assent and its amendments to the Occupational Health and Safety Act came into effect:

Schedule 16 – Occupational Health and Safety Act – says:

“The Schedule amends the Occupational Health and Safety Act to give the Chief Prevention Officer the power to accredit health and safety management systems, and to give recognition to employers who use accredited health and safety management systems. The Chief Prevention Officer may also establish standards and criteria that must be met by health and safety management systems or employers in order to receive accreditation or recognition. Related amendments are also made.”

What Schedule 16 Means

What this means in a nutshell is that once the CPO (Chief Prevention Officer) has defined the requirements through bill 70 for an accredited health and safety management system, companies could then become certified to that system. Certified companies that are then able to demonstrate their commitment to using a coordinated system to improve their OHAS would then be able to benefit from things such as reduced routine inspections through the MOL.

In addition, the CPO will need to put in place a system that will recognize and incentivize companies to become certified. Details of those companies and their performance can then be made publicly available through the CPO.

Currently the CPO has not yet released any standards for accredited health and safety management systems and has said that they will be holding an “extensive consultation” to develop an “accreditation standard and employer recognition program”. Until the CPO actually defines the standards for accredited health and safety systems, the changes implemented by this act will have no real effect on anyone.

ISO 45001 as a Framework for OHS Standards in Ontario

Of course, an accredited standard is currently on the verge of being released should the CPO want to use the framework provided by ISO. The new standard ISO 45001 Occupational health and safety management system – requirements will follow a similar framework to that of ISO 9001 and 14001 giving companies an accredited standard against which they can be certified by a third party. This new worldwide standard will become available hopefully towards the end of 2017.

Assuming that this will meet the expectations of the CPO and interested parties then this would be a perfect way for companies to start putting in place processes, procedures, and other measures to drive continuous improvement in occupational health and safety.

0 1248

Documented Information for ISO 9001:2015

With the relatively recent release of ISO 9001:2015, many companies are still asking themselves what documentation is required. Back with the 2008 release, most companies were comfortable with the six mandatory procedures that were expected of them as well as the need for a quality policy and manual. The update to 2015 has however removed the requirement for a quality manual and blurred the distinction between procedures and records.

With the new release, both documents and records are termed “documented information” and must be controlled and maintained. This is what will form the evidence required to show that you are conforming to the requirements of your quality management system.

Clause 4.4 of ISO 9001 requires your organization to maintain the documented information that is required to support the operation of your processes and to retain that information to be able to have confidence that those processes are being completed as planned.

So what is required by the standard?

The following is a clause-by-clause breakdown of what is required by the standard. However, some of these clauses can be excluded if the company does not perform the relevant processes:

Mandatory records:

  • 7.1.5.1 – Monitoring and measuring equipment calibration records
  • 7.2 – Records of training, skills, experience and qualifications
  • 8.2.3.2 – Product/service requirements review records
  • 8.3.2 – Record about design and development outputs review
  • 8.3.3 – Records about design and development inputs
  • 8.3.4 – Records of design and development controls
  • 8.3.5 – Records of design and development outputs
  • 8.3.6 – Design and development changes records
  • 8.5.1 – Characteristics of product to be produced and service to be provided
  • 8.5.3 – Records about customer property
  • 8.5.6 – Production/service provision change control records
  • 8.6 – Record of conformity of product/service with acceptance criteria
  • 8.7.2 – Record of nonconforming outputs
  • 9.1.1 – Monitoring and measurement results
  • 9.2 – Internal audit program
  • 9.2 – Results of internal audits
  • 9.3 – Results of the management review
  • 10.1 – Results of corrective actions

Other Mandatory Documents:

  • 4.3 – Scope of the QMS
  • 5.2 – Quality policy
  • 6.2 – Quality objectives
  • 8.4.1 – Criteria for evaluation and selection of suppliers

So what does this mean?

You should still tailor your quality management system to meet the requirements of your own business and all of the interested stakeholders. This can be done in any way that your organization sees fit; although a quality manual is still one of the easiest methods. As long as these processes and associated records can be shown to meet the requirements of ISO 9001:2015 effectively then that is fine. If not then the relevant action should be taken to ensure that all of the required clauses are covered.

0 665

Even if you have an informal quality management system within your business it is often difficult to implement the requirements of ISO 9001:2015. Depending on the size of your business this could be a task that may take six to twelve months to complete depending on the established current systems. It is vital that your staff are fully trained and engaged to make any implementation a success. The following 10 tips are vital to smoothly and effectively implementing an ISO 9001 management system:

  1. Get senior management commitment; while this may sound a little cliché, without the full commitment of your management team throughout the business it is going to be very difficult to drive home the changes and improvements that are required.
  1. Provide training at all levels in the business. Your staff needs to understand not only about the requirements of ISO 9001 but also the different quality principles that they should strive to implement within their every day work. Training should be provided on an ongoing basis according to perceived needs.
  1. Ensure that you have effective internal communication. Without this you are not going to be able to maintain the constancy of purpose that is required.
  1. Establish an implementation team with the authority to make things happen. You cannot just implement an ISO 9001 management system by assigning a management representative and expecting them to do everything in isolation. You need to identify the staff that will be required at all levels throughout the business to craft your system.
  1. Conduct a Gap Analysis; you need to fully understand where your current system meets or fails to meet the expectations of ISO 9001:2015 so that you can allocate resources accordingly.
  1. Involve customers and suppliers in analyzing your current systems. It is important to understand how others view the effectiveness of what you currently do and what they expect from you to improve things.
  1. Plan your implementation fully; responsibilities, roles and schedule. As with any project, the better that you plan it the more likely you are to have success.
  1. Create clear and concise policies and objectives for quality to provide the company with a common direction. Well communicated and understood these will help your company to move forward together.
  1. Encourage everyone to question and improve. It is not enough to only have auditors looking for issues with the systems; everyone should continually seek better ways to do things.
  1. Conduct regular reviews of your ISO 9001 management system through your auditing process to ensure that you are continually improving how your systems function.

In addition to the above, foster a good relationship with your certification body. Your auditor is not there to catch you out. They will want to help you to develop and grow a system that will significantly benefit your business, so use them fully.

0 770
Lean System

Introduction to the Lean System

As with anything in life, you will get out as much from your ISO 9001 management system as you put into it. If you treat it as a documentation requirement and burden on your business just to get certification then you are unlikely to see any real benefits; in fact, you may even stifle your own growth.

The aim of any ISO 9001 QMS is to enhance your businesses product or service quality by standardizing and continually improving all of your business processes. This in turn will help you to increase productivity and drive out waste of all forms within your business.

Why Use Lean System with ISO 9001?

ISO 9001 outlines what is required for a certifiable QMS. However if you read ISO 9004 you will see that it suggests a huge amount more than 9001 requires as a minimum. Merely aiming for what the standard requires so that you achieve certification is not going to help you actually improve your business in a way that is going to help you grow it.

A QMS should always consider the customer first, not the standard. It should also be put in place to continually improve the business and its output. Something that is also provided through implementing a Lean system.

Lean Manufacturing has grown out of what is known as the Toyota Production System (TPS), and is why Toyota managed to dominate the world automotive market in such a short space of time. Lean is in its simplest form just another QMS; when you implement Lean you put in place the controls and systems to provide the customer exactly what they want, where they want it, when they want it, in the right quantity, without any waste or delays.

Lean provides you with a host of tools such as 5S, which helps you to set up a highly visual, organized and efficient working space, through to continuous improvement techniques such as Kaizen. Lean fits perfectly within any ISO 9001 QMS and can only help you to further improve and grow your business using proven tools and techniques.

0 1455
Quality

Have you ever stood staring at a range of products in a supermarket trying to make up your mind which one to buy?  They all look quite similar, but one stands out and you buy it.  Why?  It’s got a sign on the shelf and a logo on the product to tell you that it’s won an award for quality.

So you’ve just based your purchase on Quality – Your customers are making the same decision every day!

Quality is more than just finished product, it’s the processes, systems and people that are behind the product.   Quality is everybody’s responsibility.

Quality is the pursuit of excellence, striving to be the best we can and getting ahead of our competitors.  It is meeting the needs and expectations of all stakeholders – our customers, our suppliers, our staff and the community at large.

How can we ensure that we are exploiting all avenues to be the very best?  A recognized standard such as ISO 9001 certification promotes the use of quality tools in business.   The ASQ (American society for quality) estimates that for every €1 spent on a quality management system, such as ISO 9001, returns €6 in revenue, €16 in cost reduction and €3 in profit – that’s €25 for every €1 spent!

93% of organisations agree that the implementation of a quality management system such as ISO9001 was a significant driver of success and most would agree that without it they could not justify their pricing to customers.

If you are looking at ways to improve your ROI by improving your quality then consider ISO certification.   Using an expert to help you implement a quality management system will ensure ISO 9001:2015 accreditation which will in turn help you make significant improvements and lead to significant growth.

 

This post has been a guest posting from Joann O’Brian over at our friends at CG Business Consulting Ireland .

0 2459
ISO Implementation Process

Preparing for an ISO implementation process of any ISO standard can be overwhelming and frightening for many. How an organization prepares for implementation will depend on factors such as size and complexity of its processes, the current knowledge and culture related to the standard (quality, environmental, safety, etc), the maturity of any other existing systems related to the standard wishing to implement, and many others. Despite the differences there may be between organizations, there are a few tips that will facilitate the implementation process of any management system, these are:

Know the standard.

It is essential that some personnel knows the management system’s requirements. Everyone does not need to be an expert on the requirements of the specific standard that will be implemented, but key workers need to fully know and understand all of the requirements of the standard.

Inform everyone what is going on.

The implementation process is not a task of just a few chosen ones. Everyone needs to be involved in this process. Every worker needs to know what is being implemented, why is it being implemented, which are the benefits for the organization and for themselves, and how they will be involved in the process. When people are informed, they will be more open and willing to collaborate in the implementation.

Analyze the organization’s current situation.

Before starting to implement any ISO management system, an organization needs to know its level of compliance with the standard. This will allow the organization to understand beforehand its strengths and weaknesses regarding the ISO management system wishing to implement and estimate the time needed for implementation.

Map your processes.

Establish and record current processes in order to know the relationships between departments and how the processes flow within the organization. This will allow organizations to plan their implementation by processes and not just by areas and departments.

Review existing procedures and work instructions.

Many processes need written and documented information that will guarantee that activities are carried out in the correct manner. Organizations need to review which processes are documented and how many work instructions there are. It is not the same to develop a few documents and just review work instructions than to develop them from scratch. Organizations need to have an idea of how much time they will have to invest in developing and reviewing documents.

Review current training programs.

Evaluate existing training and awareness programs. Training and awareness are an important part in the implementation process and if an organization has not considered training its workers, it would be best to redefine these programs to make sure that a large percentage of workers are trained and informed about policies, procedures, regulations, etc that will be a part of their daily activities.

These are some recommendations that will help organizations prepare for the implementation process of any ISO management system. The most important aspect to keep in mind is to make sure that the whole organization is working for the same objectives and pulling in the same direction.

 

0 1826
  1. Commit to improvement.

For any QMS to improve, it is essential that everyone is committed to seeking problems, evaluating efficiency and effectiveness of processes and implementing better and improved ideas. Management should be the first to make this commitment and if management “walks the talk” then everyone will follow.

  1. Analyse and assess current QMS.

Organizations need to take a closer look at their current practices in order to identify any gaps between what is being done and what should be done. This can be achieved by interviewing workers in critical control points, reviewing procedures and records and observing how processes are occurring. Any steps that are not adding value to the process, the system or the organization must be identified, removed or improved.

  1. Include everyone in training programs.

A QMS is not the responsibility of one person or one department. Everyone must be involved in improving the quality of products, services and processes.

Organizations should establish a training program for new employees and existing ones.  These programs should promote knowledge, produce skills and capacities and reduce resistance when implementing new ideas for improvement.

  1. Define clear goals and objectives and make sure everyone knows them.

QMS should aim at achieving specific goals. If a clear path is not drawn, there’s a risk that people will be working real hard but in different directions. Time should be spent in assuring everyone knows these goals, how they’ll be achieved, how they’re measured and periodically they should be informed of where the organization is standing in relation to these goals.

  1. Make sure the right key performance indicators (KPI) are being used.

Organizations need to carefully select and review their KPI. These should let an organization know how efficient and effective processes are and indicate where possible problems could be. If they are not giving a real overall picture of where the organization is at regarding quality, then another look should be taken to change or improve what and how performance is being measured.

  1. Listen to the suggestions of employees and customers.

Create a system that will promote workers and customers to share improvement ideas. Many great improvement ideas come directly from the people processing a product or the people that actually use it.

  1. Give people credit.

To encourage participation throughout the organization, motivate workers by recognizing their work and their ideas. Compensation or recognition should not necessarily be monetary, a simple public recognition in working meetings to can have great effects in lifting workers morale.

  1. Make the system simple.

A QMS that is extremely complex and overloaded with documents is not necessarily the best one. If documents and procedures are long and complicated, it is very likely that people will never use them. Evaluate the system and make sure that it makes sense and that it’s as simple as possible.

  1. Create quality groups.

In many organizations workers from different departments or areas are reluctant with sharing information. By bringing together people from different areas to evaluate processes and recommend improvements, an open and more effective communication can be achieved between areas that operationally seem to be apart.

  1. Have a quality attitude.

In order to reach the goals that have been set, organizations need to identify and detect problems and weaknesses but they must focus on improvements. If managers are constantly focusing on failures and defects and not on how to remove or improve them, the right attitude and mindset for quality will never be achieved.

0 2099

No matter how many audits someone has gone through, knowing that someone will come and check your work always generates some tension and anxiety. Here are some recommendations to get rid of the fear and prepare for a successful ISO 9001 audit.

Prepare employees.

  • Refresh the quality policy and make sure everyone understands it. There is no need for workers to memorize it, but they should have a clear understanding of what the organization has committed to in terms of quality.
  • Refresh quality objectives. Workers should know what the organization’s quality objectives are and how they contribute in achieving them. They should know and be able to explain how their day to day activities can influence these objectives.
  • Ensure that everyone has been properly trained to perform their tasks.
  • Make sure everyone knows where to find procedures, work instructions and forms relevant to perform and record correctly a specific activity or process.
  • Let everyone know the scope of the audit, what will auditors be checking in their areas and when they will be audited.
  • Workers should have the confidence to answer what they know, and have the same confidence to say ‘’I don’t know” when they are not sure what they are going to answer.

Check all documented information.

  • Make sure document and record list has been updated.
  • Check that all documents have been reviewed, approved, communicated and followed by everyone involved in the process or activity.
  • Make sure no one is using obsolete documents.
  • Verify that all records are being used and that they are being filled out correctly.

Ensure all processes are being performed correctly.

  • Make sure that all the procedures (whether they are documented or not) are being followed.
  • Ensure that critical processes are being performed in the same way (correct way) by everyone.

Review the corrective and preventive action process.

  • Review the findings from previous audits and make sure they have been attended.
  • All nonconformities must be properly recorded, investigated and actions need to be in place or concluded by the time of the audit.
  • Corrective actions that have been executed and closed need to have a proper verification of its effectiveness.

Organize the workplace.

  • It is very hard for quality control and assurance to happen in a messy, dirty and unorganized workplace, and auditors know that. So, take time to organize the workplace (offices, desks, warehouses, workshop floor, etc.).
  • Make sure records, forms, procedures and any relevant documents are at hand and easy to find.

Prepare to have a nice and professional audit.

  • Make a good first impression. Treat auditors professionally and with respect from day 1.
  • Do not be predisposed. Auditors are not enemies, they will come to help the organization uncover their defects and weaknesses in order to take the necessary actions to improve.

Do not wait for the last minute to prepare for the audit.

  • Preparing for an audit takes time and effort. The sooner the organizations begins to prepare for their audit, the more successful it will be. So start soon!

 

0 1849
ISO 9001 System

Here are some of the most common mistakes made by organizations when managing an ISO 9001 system:

Mistake 1. Top management is not committed to the ISO 9001 system.  If top management is not involved in quality, if they don’t provide the resources and mechanism to plan, control and improve their products, services and processes, ISO 9001 can not be sustained over time. It’s essential for top management to take decisions that demonstrate that quality, improvement and customer satisfaction are an important issue.

 

Mistake 2. Not training key personnel in ISO 9001. Not knowing what ISO 9001 is all about can be a big mistake. It is important for organizations to train key personnel (someone who has a decision-making role) in ISO 9001, in order to understand what ISO 9001 really is and what it requires. Not knowing nor understanding ISO 9001 can take organizations through a path of disappointment and despair.

 

Mistake 3. Not training all personnel. Everyone must receive training on the important quality aspects of the activities and processes they work in. Everyone must understand the importance of quality and how they can achieve it. The training must be consonant with their responsibilities and the activities they perform.

 

Mistake 4. Making the system complex. If the organization is working to keep the system alive, it is a sign that it is too complex and all the work of filling out forms and documenting procedures is not adding value to the organization. The system must be kept simple and practical, and it should focus on results and improvements, and not on documents.

 

Mistake 5. Not using the corrective action process properly. Organizations need to take the time to investigate their problems and involve the right people in the investigation process. Most problems are recurrent, so using the corrective action process correctly will reduce or eliminate their recurrence.

 

Mistake 6. Not knowing what customers want. One of the objectives of ISO 9001 is to improve or increase customer satisfaction, and if organizations do not take the time to listen to their customers, they will not be able to reach this goal. A long and complicated survey is not necessary nor recommended, just by asking a few key questions will give organizations enough information to determine and plan for changes that will aim to fulfill this goal.

 

Mistake 7. Rushing into the implementation process. To build a solid ISO 9001 management system takes work and time.Trying to implement the system in a short time will be counterproductive. Organizations need to take the necessary time to plan, do, check and act in order to implement a system that will improve their products, services and processes.

 

Mistake 8. Not having a trained and experienced internal auditor. In many cases, internal auditors lack the necessary training and experience to distinguish small details from big issues in the QMS. Auditors need to focus on the issues that will help organizations improve their processes and the system itself.

 

Mistake 9. Believing that what works for one organization will work for their own. Every organization is different and what may work for one, may not work for another. Organizations need to focus on their specific context in order to build and develop their management system around it.

 

Mistake 10. Leaving the responsibility of the QMS to one person. ISO 9001 needs to be the work of an entire organization. If people do not take ownership of the QMS, it will not work out. People need to incorporate quality in their work and activities and an outsider will not achieve that. Guidance and training is needed, but if quality is not done on a daily basis in every process then the system will never add value to the organization.